<%@ page import="org.apache.struts.action.Action"%>
<%@page import="com.mbbmap.util.StringUtils"%>
<%@ page import = "java.io.*" %>
<%@ page import = "java.net.*" %>
<%@ page import = "java.text.*" %>
<%@ page import = "java.util.*" %>
<%@ page import = "java.util.Map" %>
<%@ page import = "java.util.HashMap" %>
<%@ page import="com.mbbmap.app.manager.*" %>
<%@ page import="com.mbbmap.app.EbppKeys" %>
<%@ page import="com.mbbmap.util.*" %>
<%@ page import = "com.mbbmap.security.dao.*" %>



<html>
<head>
<link rel="stylesheet" href="resource/mbb_sec_global.css" type="text/css" />
<%
String strPwdRegExp = (String) session.getAttribute(Constants.PASSWORD_REG_EXP);
String msg = StringUtils.NullSafe((String) request.getAttribute("msg"));
String msg_id = StringUtils.NullSafe((String) request.getAttribute("msg_id"));

String userid = StringUtils.NullSafe((String) request.getAttribute("userid"));
String pass1 = StringUtils.NullSafe((String) request.getAttribute("pass1"));
String pass2 = StringUtils.NullSafe((String) request.getAttribute("pass2"));

boolean showParam = false;
String msgColor = "red";

if (msg_id.equalsIgnoreCase("MSG001") || msg_id.equalsIgnoreCase("MSG002"))
	showParam = true;

if (msg_id.equalsIgnoreCase("MSG999"))
	msgColor = "green";

ArrayList secGroupAccessList = (ArrayList) session.getAttribute(Constants.LOGON_ACCESS_LIST);
SecUserDao oSecUserDao = (SecUserDao) session.getAttribute(Constants.LOGGED_USER);
String sUserName = oSecUserDao.getUserName();
String lastLogonDateTime = (String) session.getAttribute(Constants.LAST_LOGON_DATETIME);

String selected = "sec004";
int iSec001 = 0;
int iSec002 = 0;
int iSec003 = 0;
int iSec004 = 0;
int iSec005 = 0;
int iSec006 = 0;
int iSec007 = 0;
int iSec008 = 0;

for(int i=0;i<secGroupAccessList.size();i++){
	SecAccessDao secaccessDao = (SecAccessDao)secGroupAccessList.get(i);
	String strModuleCode  = secaccessDao.getModuleCode();
	if(strModuleCode.equals("SEC001"))
		iSec001 = 1;
	if(strModuleCode.equals("SEC002"))
		iSec002 = 1;
	if(strModuleCode.equals("SEC003"))
		iSec003 = 1;
	if(strModuleCode.equals("SEC004"))
		iSec004 = 1;
	if(strModuleCode.equals("SEC005"))
		iSec005 = 1;
	if(strModuleCode.equals("SEC006"))
		iSec006 = 1;
	if(strModuleCode.equals("SEC007"))
		iSec007 = 1;
	if(strModuleCode.equals("SEC008"))
		iSec008 = 1;
}
%>


<link href="resource/style.css" rel="stylesheet" type="text/css">
<script type="text/javascript">
	    window.history.forward();
	    function noBack() { window.history.forward(); }
	</script>
<style type="text/css"></style></head>
<SCRIPT LANGUAGE="JavaScript1.2">
	function getGrpUsers(){
		strGroupCode = document.GetGrpUsersForm.GrpCode[document.GetGrpUsersForm.GrpCode.selectedIndex].value;
		if(strGroupCode==null || strGroupCode==""){
			alert("Please Select Group !");
			return false;
		}
		document.GetGrpUsersForm.selusergrp.value = strGroupCode;
		document.GetGrpUsersForm.action='<%=response.encodeURL("UpdateUsers.do?dispatch=getUsers")%>';
		document.GetGrpUsersForm.submit();
	}

	function AddUser(){
		var sym = /[^a-zA-z0-9_]/;
		var letters = /[^a-zA-z ]/; 
		strUID = document.AddUserForm.UserID.value;
		if(strUID==null || strUID==""){
			alert("Please enter User ID");
			return false;
		}
		else if(strUID.match(sym)){
			alert("Your ID cannot have spacebar or symbols");
			return false;
		}
		strUName = document.AddUserForm.UserName.value;
		if(strUName==null || strUName==""){
			alert("Please enter User Name");
			return false;
		}
		else if(strUName.match(letters)){
			alert("Your name cannot have numbers or symbols");
			return false;
		}
		strPwd = document.AddUserForm.UserPWD.value;
		strPwd2 = document.AddUserForm.UserPWD2.value;
		
		ng ="password";
		ng2 ="PASSWORD";
		var invalid = " "; // Invalid character is a space
		var rule = document.AddUserForm.pwdRegExp.value;
		var re = new RegExp(rule);

		if(strPwd==null || strPwd==""){
			alert("Please enter User Password");
			return false;
		}
		else {
			if	(strUID==strPwd){
				alert("Your password cannot be the same as your ID.");
				return false;
			}
			if (strPwd.length < 8){
				alert("The User Password length must more than 8 characters long");
				return false;
			}
			if(strPwd.indexOf(invalid) > -1) {
				alert("Sorry, spaces are not allowed in The User Password");
				return false;
			}
			if (strPwd==ng || strPwd== ng2){
				alert("Sorry, the password you insert is not allowed.");
				return false;
			}
			
		if(rule != "")
			{
		 		if (!re.test(strPwd)) 
				{ 		
					alert("Please enter a valid User Password");
					return false;
				} 
			}
		}
		
		
		if(strPwd2==null || strPwd2==""){
			alert("Please enter Confirm User Password");
			return false;
		}
		else
		{
			if (strPwd2.length < 8){
				alert("The Confirm User Password length must more than 8 characters long");
				return false;
			}
			else if(strPwd2.indexOf(invalid) > -1) {
				alert("Sorry, spaces are not allowed in The Confirm User Password");
				return false;
			}
			else
			{
				if(rule != "")
				{
					 if (!re.test(strPwd2)) 
					{ 		
						alert("Please enter a valid Confirm User Password");
						return false;
					} 
				}
				
				if(strPwd2 != strPwd)
				{
					alert("The Confirm User Password must same with User Password for comfirmation");
					return false;
				}
			}
		}

		document.AddUserForm.action='<%=response.encodeURL("UpdateUsers.do?dispatch=addUsers")%>';
		document.AddUserForm.submit();
	}
	
	function edituser(strUserID,userID){
		
 		document.GetUserForm.sremuser.value = strUserID;
		document.GetUserForm.action='<%=response.encodeURL("UpdateUsers.do?dispatch=editUsers")%>';
		document.GetUserForm.submit();
		
	}
	
	function removeuser(strUserID,userID){
		if(strUserID==null || strUserID==""){
			alert("Please enter User ID");
			return false;
		}
		var msg = "Confirm Delete of "+userID;
		
		if (confirm(msg)){
 		document.GetUserForm.sremuser.value = strUserID;
		document.GetUserForm.action='<%=response.encodeURL("UpdateUsers.do?dispatch=remUsers")%>';
		document.GetUserForm.submit();
		}
	}
</SCRIPT>
</head>
<%
	ArrayList arlSecGroupList = new ArrayList();
	arlSecGroupList = (ArrayList) session.getAttribute(Constants.SECURITY_UGROUP);
	ArrayList secGroupUserList = new ArrayList();
	secGroupUserList = (ArrayList) session.getAttribute(Constants.SECURITY_USER_LIST);

	String strESelectedGroup = "";
	String strSelectedGroup = "";
	String strSelectedGroupName = "";
	String strErrLogonMsg = "";
	
	strESelectedGroup = (String) session.getAttribute(Constants.SELECTED_SEC_UGRP);
	strErrLogonMsg = (String) session.getAttribute(Constants.LOGON_ERR_MSG);
	
	if ((strESelectedGroup == null) || (strESelectedGroup.equals(""))){
		strESelectedGroup = "";
		strSelectedGroup = "";
	}else{
		strSelectedGroup = EncryptionHelper.decrypt(strESelectedGroup,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	}
	String strGroupCode = "";
	String strSelectedModule = "";
	String strModuleCode = "";

%>



<body class="home" onload="noBack();" onpageshow="if (event.persisted) noBack();" onunload="">

	<a name="top"></a>
	
<!-- Header -->
<%@ include file="/jsp/common/Header.jsp" %>	
<!-- End Header -->

<div id="bgWrapper">
		<div id="container">
		
					<div id="titleBar">
						<ul class="topBar">
							<li class="goBackBt"><a href="<%=request.getContextPath()%>/ShowSecurityHome.do?dispatch=init"></a></li>

							<li>
							  <h1>User Creation</h1></li>
						</ul>
					</div>
		
					<div id="fullcontent">
		
						<!-- Security Navigation -->
						<%@ include file="SecurityNavigation.jsp" %>	
						<!-- End SecurityNavigation -->
			
			
						<div id="contentRightIn">
							
							
								<!-- Module Title -->
								<table align="center" width=100% border="0" rules="cols" class="tblDetails">
										<thead>
											<tr>
												<th colspan="4">
													<h4>Update Users</h4>
												</th>
											</tr>
										</thead>
											
										<tr class="even">
											<td colspan="2" align="center" style="text-align:center !important;">
												Security Module - User Updates.
												<p style="font-weight:bold;color: <%=msgColor%> !important;"><%=msg%></p>
											</td>
										</tr>
										
										<%
										if(strErrLogonMsg != null)
										{
											if(!strErrLogonMsg.equals(""))
											{
										%>
											<th class="pageTitle" colspan="2"><%=strErrLogonMsg%></th>
										<%
											}
										}
										%>
										<tr class="header">
											<td colspan = "2"></td>
										</tr>
										
								</table>
								
								<form name="GetGrpUsersForm" action="" method="post">
									<input type="hidden" name="<%= Constants.TOKEN_KEY %>" value="<%= session.getAttribute(Action.TRANSACTION_TOKEN_KEY) %>" >
									<input type="hidden" name="selusergrp" value="">
									<table align="center" class="tbldetails" width=100% border="0" rules="cols">
										<thead class="th1">
											<tr>
												<th colspan="3">
													<div class="sectionTableTitle">
														<h2>Security Groups</h2>
													</div>
												</th>
										</thead>
										<tr class="headerD" style="border: thin solid">
											<td width="50%" class="center_note">Group Code</td>
											<td width="40%" class="center_note">
										<select name="GrpCode" size="1">
											<option value=''>Select Group</option>
							<%
											for(int i=0;i<arlSecGroupList.size();i++){
												SecGroupLevelDao secgrplevelDao = (SecGroupLevelDao)arlSecGroupList.get(i);
												if (secgrplevelDao.getcGroupCode().equals(strSelectedGroup)){
													strGroupCode  = EncryptionHelper.encrypt(secgrplevelDao.getcGroupCode(),ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
													strSelectedGroupName = secgrplevelDao.getChildGroupName();
													System.out.println(strSelectedGroupName+"----------");
													//the selected account will be displayed
							%>
													<option selected value='<%=strGroupCode%>'><%=secgrplevelDao.getChildGroupName()%></option>
							<%
												}else{
													strGroupCode  = EncryptionHelper.encrypt(secgrplevelDao.getcGroupCode(),ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
							%>
													<option value='<%=strGroupCode%>'><%=secgrplevelDao.getChildGroupName()%></option>
							<%
												}
											}
							%>
												</select>
							
											</td>
											<td width="10%" class="center_note"><input type="button" name="next" value="Get Users" onClick="getGrpUsers()"></input></td>
										</tr>
									</table>
							
							</form>
							
							
							
							<%		if ((strSelectedGroup != null) && (!strSelectedGroup.equals(""))){ %>
							<form name="GetUserForm" action="" method="post">
								<input type="hidden" name="<%= Constants.TOKEN_KEY %>" value="<%= session.getAttribute(Action.TRANSACTION_TOKEN_KEY) %>" >
								<input type="hidden" name="seluser" value="">
								<input type="hidden" name="sremuser" value="">
								<table align="center" class="tbldetails" width=100% border="0" rules="cols">
									<thead class="th1">
										<tr>
											<th colspan="6">
												<div class="sectionTableTitle">
													<h2>List of User for the Group : <%=strSelectedGroupName%></h2>
												</div>
											</th>
										</tr>
									</thead>
									<tr class="headerD">
										<td width="20%" class="center_note">User ID</td>
										<td width="20%" class="center_note">User Name</td>
										<td width="15%" class="center_note">Region</td>
										<td width="15%" class="center_note">Dormant</td>
										<td width="15%" class="center_note">View/Edit</td>
										<td width="15%" class="center_note">Remove</td>
									</tr>
						<%
										String row = "";
										int result;
						
										for(int i=0;i<secGroupUserList.size();i++){
											SecUserDao secuserdao  = (SecUserDao)secGroupUserList.get(i);
						
											result = (i + secGroupUserList.size()) % 2;
											
											if(result==0)
											{
												row="even";
											}
											else
											{
												row="odd";
											}
											
											
						%>
											<tr class="<%=row%>" >
												<td width="20%" class="center_note"><%=secuserdao.getLogonId()%></td>
												<td width="20%" class="center_note"><%=secuserdao.getUserName()%></td>
												<td width="15%" class="center_note"><%=secuserdao.getCountryCode()%></td>
												<% if(secuserdao.getDormantDays() == 0) {%>
													<td width="15%" class="center_note"><%=secuserdao.getDormantDays()%> day</td>
												<% } else { %>
													<td width="15%" class="center_note"><%=secuserdao.getDormantDays()%> days</td>
												<% } %> 
												<td width="15%" class="center_note"><a href="#" onclick="edituser('<%=secuserdao.getLogonId()%>','<%=secuserdao.getLogonId()%>');"><font color="#0033cc"><u>View/Edit</u></font></a></td>
												<td width="15%" class="center_note"><a href="#" onclick="removeuser('<%=secuserdao.getLogonId()%>','<%=secuserdao.getLogonId()%>');"><font color="#0033cc"><u>Remove</u></font></a></td>
											</tr>
						
						<%
									}
						%>
							</table>
						</form>

						<br />

						<form name="AddUserForm" action="" method="post">
								<input type="hidden" name="<%= Constants.TOKEN_KEY %>" value="<%= session.getAttribute(Action.TRANSACTION_TOKEN_KEY) %>" >
								<input type="hidden" name="selusergrp" value="<%=strESelectedGroup%>">
								<input type="hidden" name="pwdRegExp" value="<%=strPwdRegExp%>">
								<table align="center" class="tbldetails" width=100% border="0" rules="cols">
									<thead class="th1">
										<tr>
											<th colspan="5">
												<div class="sectionTableTitle">
													<h2>Add User for the Group : <%=strSelectedGroupName%></h2>
												</div>
											</th>
									</thead>
									<tr border="0">
										<td width="15%" class="center_note">User Login ID: </td>
										<td width="30%" class="center_note"><input type="text" name="UserID" value="" size=20 maxlength="10"></td>
										<td width="15%" class="center_note">User Name: </td>
										<td width="30%" class="center_note"><input type="text" name="UserName" value="" size=20 maxlength="60"></td>
										<td width="10%" class="center_note">&nbsp;</td>
									</tr>
									<tr border="0">
										<td width="15%" class="center_note">Full Name: </td>
										<td width="30%" class="center_note"><input type="text" name="FullName" value="" size=20 maxlength="120"></td>
										<td width="15%" class="center_note">Email: </td>
										<td width="30%" class="center_note"><input type="text" name="Email" value="" size=20 maxlength="120"></td>
										<td width="10%" class="center_note">&nbsp;</td>
									</tr>
									<tr border="0">
										<td width="15%" class="center_note">User Dept: </td>
										<td width="30%" class="center_note"><input type="text" name="UserDept" value="" size=20 maxlength="120"></td>
										<td width="15%" class="center_note">User Region: </td>
										<td width="30%" class="center_note">
											<select name="UserRegion">
												<option disabled="disabled" value=""> -- Please Select -- </option>
												<option value="MY">Malaysia</option>
												<option value="SG">Singapore</option>
												<option value="PH">Philippines</option>
												<option value="KH">Cambodia</option>
											</select>
										</td>
										<td width="10%" class="center_note">&nbsp;</td>
									</tr>
									<tr border="0">
										<td width="15%" class="center_note">User Password: </td>
										<td width="30%" class="center_note"><input type="password" name="UserPWD" value="" size=20 maxlength="13"></td>
										<td width="15%" class="center_note">Confirm User Password : </td>
										<td width="30%" class="center_note"><input type="password" name="UserPWD2" value="" size=20 maxlength="13"></td>
										<td width="10%" class="center_note">&nbsp;</td>
									</tr>
									<tr border="0">				
										<td width="15%" class="center_note">Group Name: </td>
										<td width="30%" class="center_note"><%=strSelectedGroupName%></td>
										<td width="15%" class="center_note">&nbsp;</td>				
										<td width="10%" class="center_note">&nbsp;</td>	
										<td width="35%" class="center_note"><input type="button" value="Submit" onClick="AddUser()"> </td>		
									</tr>
									<tr border="0">	
										<td width="100%" class="left_note" colspan="4">
										<B> Password Combinations :</B><BR>
										1. Password will contain at least (1) upper case letter <BR>
										2. Password will contain at least (1) lower case letter <BR>
										3. Password will contain at least (1) number and special letter <BR>
										4. Password will contain at least (8 to 10) characters in length <BR>
										5. Special Characters accepted are [@#$%]. <BR>
										6. eg: aA123456@ <BR>
										</td>
									</tr>
							  	</table>
						</form>
						
						<%		}		%>
						
						<br />
				
						<div id="contentMessage">
							<h3 class="<%=msgColor%>"><%=msg%></h3>
						</div>
							
						</div>
						
					</div>
		
					<!-- Footer -->
					<%@ include file="/jsp/common/Footer.jsp" %>	
					<!-- End Footer -->
					</div>




</body>
</html>